Microport Status, Net Buyout
root at spdyne.UUCP
root at spdyne.UUCP
Tue Apr 18 08:57:00 AEST 1989
plocher%sally at Sun.COM Writes:
> +---- In article <1700020 at spdyne> Chert Pellett writes: (ME..)
> | I'd like to pick up the text prep tools from interactive, but I don't care
> | for the rest of the system. [A wonderful example is the way that 'su' is
> | broke: if you su [to any user or root], from any tty other than the console,
> | it will log you off!
> +----
>
> In the directory /etc/default there are several text files which you might
> want to look at. One of them is called login, another good one is called su.
> Edit these and Delete the "CONSOLE=/dev/console" line in each file. This
> will allow root logins anywhere (/etc/default/login) and allow anyone to su
> from anywhere (/etc/default/su) (as long as they know the correct passwords!)
>
> You must be root to edit these files.
>
> Don't blame ISC for this, it is a Good Thing to have! Can you spell
> S E C U R I T Y ? Yes, I knew you could. :-)
>
> -John Plocher
Hummm... Can you spell D O C U M E N T A T I O N ? Didn't think so..:-)
{Directed toward AT&T - Not John..)
Just try to find at least one line of documentation on this...
Sigh, I noticed that on Uport, the directory doesn't exist at all! No wonder
things are working like I would expect.. Yes, it is more secure to have
get_passwd (3S?) only work on the console, but let's be real, Rogue7 uses it!
[For Wizard mode...]
[Someone else posted that it was the code in get_passwd(3S) that did this
checking.]
As well as a BUNCH of other similar programs!! That could be used on any port.
I would prefer to have Su return an error status and issue the message
"Sorry." like it does when you get the password wrong.
Logging someone off because they attempted to Su to uucp [or some other
user], is just plain stupid. At least having it do it by default is...
-Chert Pellett
chert at spdyne
More information about the Comp.unix.microport
mailing list